On Friday 16 May 2008, King Spook wrote: > I was looking at my users and groups on my box, and I realized that > certain services add user accounts with specific UIDs, but then just > gets the next GID for it's corresponding group. I know I, > personally, would like to have the UIDs and GIDs match (and I spent > the time with usermod, groupmod, and find fixing it so it was). > > I was wondering if there was any policy for this (and if so, should I > file bugs?), and how other people felt about this, and if there was > any reason not to have the UIDs and GIDs correspond.
The reason is simple - it doesn't matter and you shouldn't concern yourself with such detail. uids map to usernames so that you can concentrate on meaningful names rather than meaningless 16 bit integers... There isn't a one-to-one correspondence between users and groups because this is usually pointless, and because of the following entirely realistic (but made up by me) type of scenario: postfix runs as the postfix user postfixadmin runs as the postfixadmin user mailscanner and spamassassin run as the mailscan user all three daemon users have the "mail" group as their primary group. At this point you have lost the synchronization between uid and gid sequencing and have to insert two blank groups to get it back. This is so grossly inelegant it defies description, utterly completely pointless and a total waste of dev time. Some of these accounts are defined in baselayout - the ones that can reasonably be assumed to be needed on almost all machines. The rest result from useradd/groupadd calls from the ebuild, which simply take the next one in sequence. The only broken app I have worked with in ages that required me to look up a uid/gid for it's config was postfixadmin, for all others I simply used the user/group name, which is totally sensible. By all means file a bug, but be aware Jakub will probably close it immediately as NOTABUG or WONTFIX -- Alan McKinnon alan dot mckinnon at gmail dot com -- [email protected] mailing list
